And I can see exactly how to do it -- copy contrib/admin/views/decorators.py:staff_member _required and change 'request.user.is_staff' to 'request.user.is_superuser'
Sure seems repetitive (non-DRY) (wet?) Its seems so easy that I can't help but think that I'm overlooking something. Why would Django provide both 'is_staff' and 'is_superuser' but only provide a decorator for one of them?? Assuming that its just an oversight seems dangerous. Any thoughts would be welcome On Sep 11, 8:10 am, David Zhou <[EMAIL PROTECTED]> wrote: > On Sep 11, 2008, at 11:07 AM, ek_wals wrote: > > > How should I restrict a page to a superuser only?? > > > There's a 'staff_member_required' decorator, wht not a > > 'superuser_required'? > > It'd be simple enough to write your own decorator to check for > required permissions. I usually do so anyway, in case I need to > change how permission works in the future. > > --- > David Zhou > [EMAIL PROTECTED] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
